New on LowEndTalk? Please Register and read our Community Rules.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
All new Registrations are manually reviewed and approved, so a short delay after registration may occur before your account becomes active.
$100 if you fix this Proxmox VM issue
$100 to the first person with a working fix
I have a server running Proxmox that refuses to give me networking on a VM. The vendor confirmed the VM's IP shows up in the ARP table but it cannot ping anything, not even the gateway
0-access-r02b08-drt-ams5.royalehosting.net(config)#show arp vrf internet <IP removed>
Address Age (sec) Hardware Addr Interface
<IP removed> 0:00:51 bc24.116f.970e Vlan100, Ethernet1/1
It's a brand new Proxmox install, all I did was create the VM and configure it the way all our other VMs are configured
Host:
root@host:~# cat /etc/network/interfaces
auto lo
iface lo inet loopback
auto vmbr0
iface vmbr0 inet static
address 45.94.x.2/24
gateway 45.94.x.1
bridge-ports enp1s0f0np0
bridge-stp off
bridge-fd 0
iface enp1s0f0np0 inet manual
iface enp1s0f1np1 inet manual
source /etc/network/interfaces.d/*
VM:
ens18 is bridged to vmbr0
root@vm:~# cat /etc/network/interfaces auto lo iface lo inet loopback auto ens18 iface ens18 inet static address 45.94.x.3/24 gateway 45.94.x.1
It's a 9950X on a Supermicro board with 2x 40G NICs, nothing exotic.
I've tried:
- Using the vendors provided prefix
- Using our prefix
- With and without LACP on the host
- Reinstalling the host and VM
- Swapping IPs between the host and VM
- Bridging the 2nd 40G interface to vmbr1 and giving that to the VM
- Praying
- A CT container
- virtio and Intel E1000 NICs
- Changing MTU
- Spoofing the host MAC's unused interface for the VMs NIC
Other boxes in this rack have VMs running fine. What could I be missing?
Comments
If you want access to the box to give it a shot send me a PM, I'll give you credentials and whatever else you need to figure this out
@emgh help this man, we can share the 100 bucks half and half.
have you tried turning it on and off?
I'll take that 100$ in crypto thanks
We can help you...send us a private message.
Can you use the additional IP on the host itself by just adding it to the interface.
Have you tried a routed setup?
On the host right now I assigned both its and the VMs IPs to the interface and they both work - the issue is getting the VM to work with it
I've not tried a routed setup, could you perhaps provide a config snippet so I can see what that would look like?
Sent - thanks!
This. At least verify that the IP is working.
I'd also leave a tcpdump running (only sniffing arps) to check what gives.
I vaguely remember you had some IPv6 issues as well - where everything looked right but somehow it didn't work. Seems similar. Not sure what the fix was there. Do you remember? Was the provider at fault (as in typo/fat-fingering, non-malicious stuff) for anything at all?
.
The IP works, using it on the host works, giving it to the VM doesnt - thats where the problem is
Will give that a try
Could not get that fixed, eventually put it on ice. Perhaps I'll revisit it to see if it has anything to do with this issue
Aah this is much better.
No iptables (or related) shenanigans going on - right? (never hurts to check).
The VM can ping the host (since they share the same bridge device vmbr0) and the host can ping the VM - whatever is causing the problem is after the physical interface
Gonna try sniffing with tcpdump
It's stock, but for completeness sake I did reset it. Made no difference
Bind it to your VM, grab your VM MAC address on the primary interface, then ask your host what MAC they see in their arp table.
It's probably:
They confirmed they see the correct MAC in the ARP table, and I asked them about MAC filtering:
Which they did and it did nothing - the vendor says its something server side, not their side
Happy to help out
shoot me a dm with more info
Yeah - I too suspect that somehow the VM's MAC isn't allowed/whitelisted and so it is dropping. IIRC, at other hosting providers (Hetzner, OVH), one gets an explicit MAC for the public IP which can then be assigned to the VM directly and bingo things work.
Not sure what the setup here is but it seems more provider guidance required.
@mw - you mention this exact setup works in your other machines at the same provider - so you didn't have to do any special MAC setup for those VMs with public IPs? If that's the case then as @wdmg points out - there's something odd about this particular port for filtering.
Shot you a DM
Yes we've never had to do anything special regarding MAC on the other machines running VMs in the same rack with the same prefix - the vendor says they triple checked and they do not have any filtering or security policy that would cause this issue
myb the bridge vmbr0 isn’t properly connected or configured. Can you confirm if the tapXXX interface shows up in brctl show vmbr0 when the VM is running?
feel free to dm if still pending.
Vendor tried disabling one of the interfaces on the switch to see if there was any weird looping, for some reason it took both of the hosts interfaces down
Right now we have one of the interfaces enabled on the switch, but both configured on the host to its two interfaces and both still work?
Very weird... anyway
root@host:~# brctl show vmbr0
bridge name bridge id STP enabled interfaces
vmbr0 8000.248a07053416 no enp1s0f0np0
Does this show anything useful?
Sure, let me drop you a DM!
add another interface with the main ip as address, no bridge ports or gateway and add the second IP address to it:
auto vmbr2 iface vmbr2 inet static address 45.94.x.2 netmask 255.255.255.255 bridge_ports none bridge_stp off bridge_fd 0 bridge_maxwait 0 up route add -host 45.94.x.3 dev vmbr2put the VMs network on that bridge and use .3 as IP inside and .2 as gateway
I like setting things up always with host routes / pointopoint, but I think that's not needed here, as your IPs seem to be in the same subnet anyway.
I sended you a DM about.
Is this AI generated? This looks AI generated.
Edit: they removed the AI generated nonsense
Yes, it's an answer given by the AI. I had a problem with proxmox too, and thanks to his solution I was able to solve the problem. It was just to try to help him, I don't need the reward he is offering
This works, the VM now has networking. It's not exactly what we want to do, but this is progress.
Does this working shed any light on why the way I usually do it doesn't work?
I HAD THIS EXACT ISSUE WITH THE EXACT SPEC YOUR HAVING, WITH THE EXACT SAME HOST!!!!
(although i had a 200G port & connectx6 mellanox NIC)
good luck fixing it, because i couldnt even after a reinstall. Royale wont be able to help...
GOOD LUCK!!!
is this by any chance the 45.94.221.0/24 range?
fr?